Strategic Infrastructure Security
Course length: 5 days
Course Description
The Strategic Infrastructure Security course picks up right where Tactical Perimeter Defense leaves off. The second course in the SCP line-up leads to a certification of
Security Certified Network Professional (SCNP). It will give a network administrator the additional hands-on skills needed to protect their network from the inside out.
This course teaches you about prevention techniques as well as an understanding of risk analysis and security policy creation in a blended technology environment. The
up-to-date security lessons and intense, hands-on labs provide real-world network security training.
The SCNP exam is designed to further validate the critical skills required by IT and security professionals. These skills include, but are not limited to: Cryptography,
Hardening Linux Computers, Hardening Windows Computers, Ethical Hacking Techniques, Security on the Internet and World Wide Web, Performing a Risk Analysis, Creating a
Security Policy, and Analyzing Packet Signatures. Strategic Infrastructure Security replaces Network Defense and Countermeasures with updated technology and intense, hands
on labs.
Prerequisites: To ensure your success, we recommend that you have completed the SCP Tactical Perimeter Defense(TPD) course. The TPD course will ensure you have the ore
security concepts and skills in developing a secure perimeter for your organization.
Delivery Method: Instructor-led, group-paced, classroom-delivery learning model with structured hands-on activities.
Performance-Based Objectives
• Detail the core issues of cryptography, including public and private key.
• Harden SuSe Linux 10 Server computers.
• Harden Windows Server 2003 computers.
• Utilize ethical hacking attack techniques.
• Secure DNS and web servers, and examine Internet and WWW security.
• Perform a risk analysis.
• Create a security policy.
• Analyze packet signatures.
Course Content
Lesson 1: Cryptography and Data Security
Topic 1A: History of Cryptography
Topic 1B: Math and Algorithms
Topic 1C: Private Key Exchange
Topic 1D: Public Key Exchange
Topic 1E: Message Authentication
Lesson 2: Hardening Linux Computers
Topic 2A: Linux Filesystem and Navigation
Topic 2B: General Secure System Management
Topic 2C: User and Filesystem Security Administration
Topic 2D: Network Interface Configuration
Topic 2E: Security Scripting
Topic 2F: Useful Linux Security Tools
Lesson 3: Hardening Windows Server 2003
Topic 3A: Windows 2003 Infrastructure Security
Topic 3B: Windows 2003 Authentication
Topic 3C: Windows 2003 Security Configuration Tools
Topic 3D: Windows 2003 Resource Security
Topic 3E: Windows 2003 Auditing and Logging
Topic 3F: Windows 2003 EFS
Topic 3G: Windows 2003 Network Security
Lesson 4: Attack Techniques
Topic 4A: Network Reconnaissance
Topic 4B: Mapping the Network
Topic 4C: Sweeping the Network
Topic 4D: Scanning the Network
Topic 4E: Vulnerability Scanning
Topic 4F: Viruses, Worms, and Trojan Horses
Topic 4G: Gaining Control Over the System
Topic 4H: Recording Keystrokes
Topic 4I: Cracking Encrypted Passwords
Topic 4J: Revealing Hidden Passwords
Topic 4K: Social Engineering
Topic 4L: Gaining Unauthorized Access
Topic 4M: Hiding Evidence of an Attack
Topic 4N: Performing a Denial of Service
Lesson 5: Security on the Internet and the WWW
Topic 5A: Describing the Major Components of the Internet
Topic 5B: Securing DNS Services
Topic 5C: Describing Web Hacking Techniques
Topic 5D: Describing Methods Used to Attack Users
Lesson 6: Performing a Risk Analysis
Topic 6A: Concepts of Risk Analysis
Topic 6B: Methods of Risk Analysis
Topic 6C: The Process of Risk Analysis
Topic 6D: Techniques to Minimize Risk
Topic 6E: Continuous Risk Assessment
Lesson 7: Creating a Security Policy
Topic 7A: Concepts of Security Policies
Topic 7B: Policy Design
Topic 7C: Policy Contents
Topic 7D: An Example Policy
Topic 7E: Incident Handling and Escalation Procedures
Topic 7F: Partner Policies
Lesson 8: Analyzing Packet Signatures
Topic 8A: Signature Analysis
Topic 8B: Common Vulnerabilities and Exposures (CVE)
Topic 8C: Signatures
Topic 8D: Normal Traffic Signatures
Topic 8E: Abnormal Traffic Signatures
|
